RE: [m0n0wall] Multiple servers, both have an apache install on.

From:	"Stewart Gilray" <stewart at just dash addwater dot com>
To:	"'Monowall User List'" <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Multiple servers, both have an apache install on.
Date:	Tue, 26 Feb 2008 17:39:45 -0000
Hi,
Ok so I got our ISP to give us a block of 8 IP' so that's all good.

And I've setup m0n0wall so that .250 goes to BOX1 and .251 goes to BOX2,
however in Firewall rules I still have port 80 pointing to 1 box only,
should I remove this rule now? or ... ?

Stewart

-----Original Message-----
From: Michel Servaes [mailto:michel at mcmc dot be] 
Sent: 26 February 2008 12:52
To: Monowall User List
Subject: Re: [m0n0wall] Multiple servers, both have an apache install on.

I can't image m0n0 doing this... it's a router, not a DNS...

Either use 2 WAN IP's, or modify the port of one of the boxes... i'd put 
your version control server on another port, since this seems to me that 
it isn't really needed to be accessible from the outside on a default 
port... perhaps SSL ??
Another thing you might consider, is to make an alias on one of the two 
boxes, that internally forwards them to 443 of your VCS (so the request 
comes in at BOX2, and internally forwards you to BOX1:443 (you'd have to 
open up SSL ofcourse on the monowall)

Stewart Gilray schreef:
> Hey,
> I'm a bit of a noobie at "complex" setups but here's my problem, if anyone
> can help I'd be hugely grateful as this is causing me a major headache.
>
> We have 2 servers, BOX1 & BOX2, as well as m0n0wall installed on an old
OLD
> box doing nothing but m0n0wall.
>
> On BOX2 we have email and web server, on BOX1 we have our version control
> software, the problem is, until last thursday everything was on the single
> box, anyway, our version control software also uses port 80, as does our
web
> server (apache 2.2.4) on BOX1.
>
> How can I get it so that e.g.
>
> VCS.DOMAIN.COM:80 will work correctly on BOX1 and,
> ANYTHINGELSE.DOMAIN.COM:80 will work correctly on BOX2
>
> Currently domains are setup correctly under DNS forwarding, however under
> Firewall RULES and NAT, both point port 80 to BOX2, is there a way I can
get
> port 80 to point to both boxes under certain circumstances or indeed an
> advance rule?
>
>  
>
> There must be some way to do it, E.G. a further rule that says ...
>
> If incoming domain request eq VCS.DOMAIN.COM:80 then point to BOX1 else
BOX2
>
>
> Thanks for this, my MD is going crazy at me for not finding this our
before
> we installed the new box, so anything you can help with would be great.
>
> Cheers.
>
>  
>
>  
>
> Stewart Gilray | ( +44 (0)844 884 9936 | *
> <blocked::mailto:stewart at just dash addwater dot com> stewart at just dash addwater dot com | 8
> <blocked::http://www.just-addwater.com/> www.just-addwater.com 
>
>  
>
>
>   

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



__________ Information from ESET NOD32 Antivirus, version of virus signature
database 2902 (20080226) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com

 

__________ Information from ESET NOD32 Antivirus, version of virus signature
database 2903 (20080226) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com